<?php
/*
YHM (Your Hosting Manager) - Copyright 2010 All Rights Reserved. - YHM Group
Released under the Simplified BSD Licence.

Website: http://yhm.co.uk
Licence: http://yhm.co.uk/about/#licence

file: admin/staffaccounts.php
author: Kieran D. (Polarbear541)
*/

//Init Includes, Sessions and Page Info
//global.php provides the DB connection and the helpers used below
//(checklogin_admin, redirect, error, random_str, TABLE_PREFIX).
require_once '../global.php';

//The session must be open before the admin check reads it
session_start();
checklogin_admin();

//Logged-in admin's name and the active nav section, used by header.php
$username = $_SESSION['user_name'];
$page = 'settings';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>YHM - Admin CP - Staff Accounts</title>
<meta http-equiv="Content-Language" content="English" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link rel="stylesheet" type="text/css" href="../style.css" media="screen" />
</head>
<body>

<?php include("./header.php"); ?>

<div id="content">

	<h2>Staff Accounts - <a href="./staffaccounts.php?action=create">Create</a></h2>

	<?php
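	//Assign Variables
	//$_GET['action'] is absent on the plain listing page, so default it instead of raising a notice
	$action = isset($_GET['action']) ? $_GET['action'] : '';

	//Per-session token that every state-changing request (do_create, do_edit, delete)
	//must send back, so a link or form on another site cannot act as the logged-in admin.
	//random_str() is the project's salt generator used further down; NOTE(review): confirm
	//it is unpredictable enough for this purpose.
	if (empty($_SESSION['csrf_token']))
	{
		$_SESSION['csrf_token'] = random_str(32);
	}
	$csrf_token = $_SESSION['csrf_token'];
	$sent_token = isset($_POST['token']) ? $_POST['token'] : (isset($_GET['token']) ? $_GET['token'] : '');
	$csrf_ok = ($sent_token !== '' && $sent_token === $csrf_token);
	$token_html = htmlspecialchars($csrf_token, ENT_QUOTES, 'UTF-8');
	$back_link = "<br /><br /><a href='./staffaccounts.php'>Click here to go back</a><br />";

	if ($action === "create") //Check if creating staff account, if so show form
	{
		//The error code is passed back on the query string by the do_create redirects below
		$error = isset($_GET['error']) ? (int) $_GET['error'] : 0;
		$error_messages = array(
			1 => "Please fill in all the fields!",
			2 => "Passwords do not match!",
			3 => "Username already in use!",
			4 => "Email already in use!",
		);
		if (isset($error_messages[$error]))
		{
			error($error_messages[$error]);
		}

		echo "<form action='./staffaccounts.php?action=do_create' method='POST'><br />
		<input type='hidden' name='token' value='" . $token_html . "' />
		Username: <br /><input type='text' name='username' id='username'/><br /><br />
		Password: <br /><input type='password' name='password' id='password'/><br /><br />
		Confirm: <br /><input type='password' name='confirm' id='confirm'/><br /><br />
		Email: <br /><input type='text' name='email' id='email'/><br /><br />
		<input type='submit' value='Create'></form><br />";
	}

	elseif ($action === "do_create") //Check if doing creation, if so run query
	{
		if (!$csrf_ok)
		{
			die("Invalid or missing request token." . $back_link);
		}

		//Sanitize Variables before anything touches the database.
		//The escape -> HTML-encode -> trim pipeline is what the rest of YHM (including the
		//login check) expects, so it is kept as-is even for the password.
		$user = isset($_POST['username']) ? trim(htmlspecialchars(mysql_real_escape_string($_POST['username']))) : '';
		$email = isset($_POST['email']) ? trim(htmlspecialchars(mysql_real_escape_string($_POST['email']))) : '';
		$password_raw = isset($_POST['password']) ? $_POST['password'] : '';
		$confirm_raw = isset($_POST['confirm']) ? $_POST['confirm'] : '';

		if ($user === '' || $password_raw === '' || $email === '') //Check if fields are empty, if so then display error
		{
			redirect("./staffaccounts.php?action=create&error=1");
		}
		elseif ($password_raw !== $confirm_raw) //Check if passwords are not the same, if so then display error
		{
			redirect("./staffaccounts.php?action=create&error=2");
		}
		else
		{
			//Duplicate checks run on the sanitized values so they compare against what is actually stored
			$userdupe = mysql_query("SELECT id FROM ".TABLE_PREFIX."users WHERE username='$user'") or die('Error:' . mysql_error());
			$emaildupe = mysql_query("SELECT id FROM ".TABLE_PREFIX."users WHERE email='$email'") or die('Error:' . mysql_error());

			if (mysql_num_rows($userdupe) != 0)
			{
				redirect("./staffaccounts.php?action=create&error=3");
			}
			elseif (mysql_num_rows($emaildupe) != 0)
			{
				redirect("./staffaccounts.php?action=create&error=4");
			}
			else
			{
				$password = trim(htmlspecialchars(mysql_real_escape_string($password_raw)));

				//Generate Random Salt and MD5 Password
				//NOTE(review): salted MD5 is a weak password store; the login check elsewhere in
				//YHM uses this same scheme, so moving to password_hash() must be done there too.
				$salt = random_str(10);
				$password = md5($salt.md5($password.$salt));
				$password = md5($password);

				//Run Query and Display Result or Error
				$query = "INSERT INTO ".TABLE_PREFIX."users (username,password,salt,email,gid) VALUES ('$user','$password','$salt','$email','1')";
				$result = mysql_query($query);

				if (!$result)
				{
					echo "Cannot create staff account - " . mysql_error() . "";
				}
				else
				{
					echo "Account created successfully! <br />";
					echo "<a href='./staffaccounts.php'>Click here to go back if not redirected</a><br />";
					redirect("./staffaccounts.php", 2);
				}
			}
		}
	}

	elseif ($action === "edit") //Check if editing, if so display form
	{
		//The id is used unquoted in SQL, so force it to an integer
		$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

		if ($id <= 0)
		{
			die("Please specify a staff account id to edit!" . $back_link);
		}

		//Only staff accounts (gid=1, the same set the listing shows) can be edited from here;
		//checking the row itself also rejects ids of deleted accounts
		$result = mysql_query("SELECT * FROM ".TABLE_PREFIX."users WHERE id=$id AND gid=1") or die('Error:' . mysql_error());
		if (mysql_num_rows($result) == 0)
		{
			die("The staff account you requested does not exist." . $back_link);
		}
		$row = mysql_fetch_array($result);

		//Values were HTML-encoded on save, so escape quotes for the attribute without double-encoding
		$username_attr = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8', false);
		$email_attr = htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8', false);

		//Output the form
		echo "<form action='./staffaccounts.php?action=do_edit&id=" . $id . "' method='POST'><br /><br />
		<input type='hidden' name='token' value='" . $token_html . "' />
		Username: <br /><input type='text' name='username' id='username' value='" . $username_attr . "'/><br /><br />
		Password: <br /><input type='password' name='password' id='password'/><br /><br />
		Confirm: <br /><input type='password' name='confirm' id='confirm'/><br /><br />
		Email: <br /><input type='text' name='email' id='email' value='" . $email_attr . "'/><br /><br />
		<center><input type='submit' value='Submit'></center></form>";
	}

	elseif ($action === "do_edit") //Check if doing edit, if so run query
	{
		if (!$csrf_ok)
		{
			die("Invalid or missing request token." . $back_link);
		}

		//Assign and Sanitize Variables (same pipeline as do_create)
		$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
		$user = isset($_POST['username']) ? trim(htmlspecialchars(mysql_real_escape_string($_POST['username']))) : '';
		$email = isset($_POST['email']) ? trim(htmlspecialchars(mysql_real_escape_string($_POST['email']))) : '';
		$password_raw = isset($_POST['password']) ? $_POST['password'] : '';
		$confirm_raw = isset($_POST['confirm']) ? $_POST['confirm'] : '';

		if ($id <= 0)
		{
			echo "Please specify a user account id to edit!<br /><a href='./staffaccounts.php'>Click here to go back</a><br />";
		}
		else
		{
			//Fetch the current record: confirms the id is a staff account and tells us whether
			//the admin is editing their own login (only then may the session name change)
			$existing = mysql_query("SELECT username FROM ".TABLE_PREFIX."users WHERE id=$id AND gid=1") or die('Error:' . mysql_error());

			if (mysql_num_rows($existing) == 0)
			{
				echo "The staff account you requested does not exist." . $back_link;
			}
			elseif ($user === '' || $email === '') //If fields are empty display error
			{
				echo "<br />";
				echo "Please fill in all the fields!";
				echo "<br />";
				echo "<a href='./staffaccounts.php?action=edit&id=" . $id . "'>Click here to go back</a>";
			}
			elseif ($password_raw === '' && $confirm_raw === '') //If no password given do not update it
			{
				$old_row = mysql_fetch_array($existing);
				$query = "UPDATE ".TABLE_PREFIX."users SET username='$user', email='$email' WHERE id='$id'";
				$result = mysql_query($query) or die('Error:' . mysql_error() . '');
				if ($old_row['username'] === $_SESSION['user_name'])
				{
					$_SESSION['user_name'] = $user;
				}
				echo "The Account has been saved! <br />";
				echo "<a href='./staffaccounts.php'>Click here to go back if not redirected</a><br />";
				redirect("./staffaccounts.php", 2);
			}
			elseif ($password_raw !== $confirm_raw) //If the passwords are NOT the same display an error message
			{
				echo "Passwords do not match! <br />";
				echo "<a href='./staffaccounts.php?action=edit&id=" . $id . "'>Click here to go back</a>";
			}
			else //If passwords are specified and match update user info
			{
				$old_row = mysql_fetch_array($existing);
				$password = trim(htmlspecialchars(mysql_real_escape_string($password_raw)));
				//NOTE(review): same salted-MD5 scheme as do_create; keep in step with the login check
				$salt = random_str(10);
				$password = md5($salt.md5($password.$salt));
				$password = md5($password);
				$query = "UPDATE ".TABLE_PREFIX."users SET username='$user', password='$password', salt='$salt', email='$email' WHERE id='$id'";
				$result = mysql_query($query) or die('Error:' . mysql_error() . '');
				if ($old_row['username'] === $_SESSION['user_name'])
				{
					$_SESSION['user_name'] = $user;
				}
				echo "The account has been saved and the password changed! <br />";
				echo "<a href='./staffaccounts.php'>Click here to go back if not redirected</a><br />";
				redirect("./staffaccounts.php", 2);
			}
		}
	}

	elseif ($action === "delete") //Check if deleting, if so run query
	{
		if (!$csrf_ok)
		{
			die("Invalid or missing request token." . $back_link);
		}

		//Assign and Sanitize Variables
		$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

		if ($id <= 0) //Check if ID is specified, if not show error
		{
			echo "Please specify a staff account id to delete!" . $back_link;
		}
		else
		{
			//Only staff accounts can be removed here, and never the one currently logged in
			$existing = mysql_query("SELECT username FROM ".TABLE_PREFIX."users WHERE id=$id AND gid=1") or die('Error:' . mysql_error());

			if (mysql_num_rows($existing) == 0)
			{
				echo "The staff account you requested does not exist." . $back_link;
			}
			else
			{
				$old_row = mysql_fetch_array($existing);
				if ($old_row['username'] === $_SESSION['user_name'])
				{
					echo "You cannot delete the account you are logged in with!" . $back_link;
				}
				else
				{
					//Run query and return response.
					$query = "DELETE FROM ".TABLE_PREFIX."users WHERE id='$id'";
					$result = mysql_query($query) or die('Error:' . mysql_error() . '');
					echo "The account has been deleted! <br />";
					echo "<a href='./staffaccounts.php'>Click here to go back if not redirected</a><br />";
					redirect("./staffaccounts.php", 2);
				}
			}
		}
	}

	else //If not performing any action, list staff accounts
	{
		//Query to run
		$query = mysql_query("SELECT * FROM ".TABLE_PREFIX."users WHERE gid = 1 ORDER BY username ASC") or die('Error:' . mysql_error());

		//The delete link changes state, so it carries the session token
		$token_param = "&token=" . urlencode($csrf_token);

		//Display Staff Users
		while ($row = mysql_fetch_array($query))
		{
			$row_id = (int) $row['id'];
			$name = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8', false);
			echo "<p>" . $name . " <a href='./staffaccounts.php?action=edit&id=" . $row_id . "'><img border='none' src='../images/staff_edit.png'/></a>";
			echo "<a href='./staffaccounts.php?action=delete&id=" . $row_id . $token_param . "'><img border='none' src='../images/staff_delete.png'/></a></p>";
		}
	}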
	?>

	<?php require_once("../footer.php"); ?>

</div>
</body>
</html>